HONOLULU – Gov. David Y. Ige has proclaimed October 2016 as Cyber Security Awareness Month in Hawaii, highlighting the state’s vital role in identifying, protecting its citizens from, and responding to cyber threats that may have significant impact to individual and collective security and privacy.

Hawaii’s observance coincides with National Cyber Security Awareness Month, recognized by President Barack Obama, the U.S. Department of Homeland Security, the Multi-State Information Sharing and Analysis Center, the National Association of State Chief Information Officers, and the National Cyber Security Alliance. In addition, the annual national cybersecurity public awareness campaign “Stop.Think.Connect.” is implemented through a coalition of private companies, nonprofit and government organizations, as well as academic institutions working together to increase the understanding of cyber threats and empower the American public to be safer and more secure online.

“We have made great strides in recent years in securing the state government network and expanding our state employee-led cyber security program,” said Todd Nacapuy, state chief information officer. “However, cyber security remains a shared responsibility in which every citizen has a critical role to play. Awareness of computer security essentials will improve the security of cyberspace for all of us.”

Hawaii citizens are encouraged to visit the Stop.Think.Connect. website at https://stopthinkconnect.org for tips and resources. Additionally, throughout the month, ETS will be sending weekly cyber security tips to state personnel on issues such as the importance of using strong, unique passwords; applying two-factor authentication; being aware of phishing scans; and tips for staying safe this school year.

Cyber Tip: Use Strong, Unique Passwords

Cybersecurity experts recommend that everyone use strong, unique passwords because every day malicious cyber threat actors compromise websites and online accounts, and post lists of usernames, email addresses, and passwords online. This exposes individuals’ passwords and, worse yet, they are exposed with information that uniquely identifies the user, such as an email address. That means that a malicious actor can look for other accounts associated with that same person, such as work related, personal social media, or banking accounts. When the malicious actor finds those accounts they can try logging in with the exposed password and if the password is reused, they can gain access. This is why unique passwords matter.

Two-factor authentication is also an important layer of defense beyond your password. It decreases an individual’s risk of falling victim to a compromise because criminals need access to two separate items to compromise your account — for instance an individual’s password and smartphone (to receive the PIN code). Cyber criminals regularly “leak” login credentials from compromised websites. They then use these leaked login names, email addresses, and passwords to find other accounts using the same credentials. This allows them to easily impersonate individuals online, gain access to work and personal accounts, sign online service agreements or contracts, engage in financial transactions, or change account information. Enabling two-factor authentication makes it more difficult for criminals to use this technique because a password would not be sufficient to gain access.